[SERVER-26565] --keyFile /dev/stdin does not work Created: 11/Oct/16 Updated: 06/Dec/22 |
|
| Status: | Backlog |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 3.2.10 |
| Fix Version/s: | None |
| Type: | New Feature | Priority: | Minor - P4 |
| Reporter: | Serhat Dinçer | Assignee: | Backlog - Security Team |
| Resolution: | Unresolved | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Assigned Teams: |
Server Security
|
| Participants: |
| Description |
|
I would like to type the shared secret between members of a replica set on my terminal, and not leave a trace of it in a file on hard disk. So trying to read it from standard input does not work. |
| Comments |
| Comment by Spencer Jackson [ 13/Oct/16 ] |
|
Hi! This does seem like it could be useful. Something that might work for you in the meantime, is using x509 cluster authentication with encrypted keys. If you then start your server without --sslPEMKeyPassword, you will be prompted to enter the password used to encrypt the keys. There is a known issue, |